package com.zyht.common.web.filter;

import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

public class XSSFilter implements Filter {

	private Pattern pattern = Pattern.compile("^\\/(js|css|images)\\/.*");
	
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    	HttpServletRequest httpRequest = (HttpServletRequest) request;
    	String requestURI = httpRequest.getServletPath();
        Matcher matcher= pattern.matcher(requestURI);
    	if(!matcher.matches()){
    		XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request);
    		chain.doFilter(xssRequest, response);
    	}else
    		chain.doFilter(request, response);
    }

    @Override
    public void destroy() {
    }

}